Custom Rules Reference

FrontendCustomRule¶

Property	Type	Default	Description
`alert`*	AlertModel		The alert to raise if the detection conditions are met. See Alerting
`detect`*	`List[`CookieDetector`,`FrontendLogicalAndDetector`,`FrontendLogicalNotDetector`,`FrontendLogicalOrDetector`,`HeaderDetector`,`JSAssertionDetector`,`LocalStorageDetector`,`PageSelectorDetector`,`PageStatusCodeDetector`,`PageTextDetector`,`SessionStorageDetector`]`		The conditions to trigger the alert. See Detectors
`id`*	`string`		The unique identifier of the custom rule. It is provided by Escape, do not set it manually.
`seed`*	`List[`CheckAction`,`ClickAction`,`FillAction`,`FillTOTPAction`,`FocusPageAction`,`GotoAction`,`OCRAction`,`SelectAction`,`SleepAction`,`SolveCaptchaAction`,`WaitElementAction`,`WaitTextAction`]`		A list of requests to seed the scan. See Seeders
`type`*	`Const[WEBAPP]`	`WEBAPP`	The type of the custom rule. It is provided by Escape, do not set it manually.

Objects¶

AlertModel¶

Property	Type	Default	Description
`category`	CustomRuleCategory	`CUSTOM`	Category of the alert
`compliance`	Compliance	`null`	Compliance standards violated by this alert
`context`*	`string`		Context of the alert
`description`	`string`	`null`	Description of the alert
`name`*	`string`		Name of the alert
`remediation`	`string`	`null`	Remediation of the alert
`severity`*	CustomRuleSeverity		Severity of the alert

CheckAction¶

Property	Type	Default	Description
`action`*	`Const[check]`	`check`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`locator`*	`string`		The Playwright Locator to select the checkbox to check

ClickAction¶

Property	Type	Default	Description
`action`*	`Const[click]`	`click`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`locator`*	`string`		The Playwright Locator to select the element to click on

Compliance¶

Property	Type	Default
`cwe`	`string`	`null`
`fedramp`	`string`	`null`
`gdpr`	`string`	`null`
`hipaa`	`string`	`null`
`iso27001`	`string`	`null`
`nis2`	`string`	`null`
`nist`	`string`	`null`
`owasp`	`string`	`null`
`owasp_llm`	`string`	`null`
`pci-dss`	`string`	`null`
`psd2`	`string`	`null`
`soc2`	`string`	`null`

CookieDetector¶

Property	Type	Default	Description
`if`*	`Const[cookie]`	`cookie`	Use this to assert that a cookie is present in the browser.### Example`yamldetect: - if: cookie key: 'my-key' value: 'pattern'`
`key`	StringMatcher	`null`	Key to match
`value`	StringMatcher	`null`	Value to match

FillAction¶

Property	Type	Default	Description
`action`*	`Const[fill]`	`fill`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`auto_submit`	`boolean`	`false`	Whether the form should be automatically submitted after the fill action
`locator`*	`string`		The Playwright Locator to select the field to fill
`value`*	`string`		The value to fill in the field

FillTOTPAction¶

Property	Type	Default	Description
`action`*	`Const[fill_totp]`	`fill_totp`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`auto_submit`	`boolean`	`false`	Whether the form should be automatically submitted after the TOTP code is filled
`locator`*	`string`		The Playwright Locator to select the field to fill the TOTP code in
`secret`*	`string`		The secret to generate the TOTP code from

FocusPageAction¶

Property	Type	Default	Description
`action`*	`Const[focus_page]`	`focus_page`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`url_pattern`*	`string`		The pattern to find in the URL to focus on a page. Should be a regex allowing to match the page using Python `re.findall()`.

FrontendLogicalAndDetector¶

Property	Type	Default	Description
`and`*	`List[`CookieDetector`,`FrontendLogicalAndDetector`,`FrontendLogicalNotDetector`,`FrontendLogicalOrDetector`,`HeaderDetector`,`JSAssertionDetector`,`LocalStorageDetector`,`PageSelectorDetector`,`PageStatusCodeDetector`,`PageTextDetector`,`SessionStorageDetector`]`		Logical and on a list of detectors
`if`*	`Const[and]`	`and`

FrontendLogicalNotDetector¶

Property	Type	Default	Description
`if`*	`Const[not]`	`not`
`not`	CookieDetector, FrontendLogicalAndDetector, FrontendLogicalNotDetector, FrontendLogicalOrDetector, HeaderDetector, JSAssertionDetector, LocalStorageDetector, PageSelectorDetector, PageStatusCodeDetector, PageTextDetector, SessionStorageDetector	`null`	Logical not of a detector

FrontendLogicalOrDetector¶

Property	Type	Default	Description
`if`*	`Const[or]`	`or`
`or`*	`List[`CookieDetector`,`FrontendLogicalAndDetector`,`FrontendLogicalNotDetector`,`FrontendLogicalOrDetector`,`HeaderDetector`,`JSAssertionDetector`,`LocalStorageDetector`,`PageSelectorDetector`,`PageStatusCodeDetector`,`PageTextDetector`,`SessionStorageDetector`]`		Logical or on a list of detectors

GotoAction¶

Property	Type	Default	Description
`action`*	`Const[goto]`	`goto`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`url`*	`string`		The URL to navigate to

HeaderDetector¶

Property	Type	Default	Description
`if`*	`Const[header]`	`header`	Use this to assert that a header is present in the request.### Example`yamldetect: - if: header key: 'my-key' value: 'pattern'`
`key`	StringMatcher	`null`	Key to match
`value`	StringMatcher	`null`	Value to match

JSAssertionDetector¶

Property	Type	Default	Description
`command`	`string`	`null`	JavaScript command to execute
`if`*	`Const[js_assertion]`	`js_assertion`	Use this to execute a JavaScript command and assert it returns true.### Example`yamldetect: - if: js_assertion command: 'return window.isAuthenticated === false;'`

LocalStorageDetector¶

Property	Type	Default	Description
`if`*	`Const[local_storage]`	`local_storage`	Use this to assert that a key is present in the local storage.### Example`yamldetect: - if: local_storage key: 'my-key' value: 'pattern'`
`key`	StringMatcher	`null`	Key to match
`value`	StringMatcher	`null`	Value to match

OCRAction¶

Property	Type	Default	Description
`action`*	`Const[ocr]`	`ocr`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`text`*	`string`		The text to click on

PageSelectorDetector¶

Property	Type	Default	Description
`contains`	`string`	`null`	Contains this string
`if`*	`Const[page_selector]`	`page_selector`	Use this to assert that a selector exists in the DOM.### Example`yamldetect: - if: page_selector contains: '#my-element'`

PageStatusCodeDetector¶

Property	Type	Default	Description
`gt`	`integer`	`null`	Condition is greater than this integer
`if`*	`Const[page_status_code]`	`page_status_code`	Use this to assert that the page status code is a specific value.### Example`yamldetect: - if: page_status_code status_code: 200`
`in`	`List[integer]`	`null`	Condition is in this list of integers (exact match)
`is`	`integer`	`null`	Condition is this exact integer
`is_not`	`integer`	`null`	Condition is not this exact integer
`lt`	`integer`	`null`	Condition is less than this integer

PageTextDetector¶

Property	Type	Default	Description
`contains`	`string`	`null`	Contains this string
`if`*	`Const[page_text]`	`page_text`	Use this to assert that a text is present in the page.### Example`yamldetect: - if: page_text contains: 'Hello, world!'`

SelectAction¶

Property	Type	Default	Description
`action`*	`Const[select]`	`select`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`locator`*	`string`		The Playwright Locator to select the dropdown to select from
`value`*	`string`		The value to select

SessionStorageDetector¶

Property	Type	Default	Description
`if`*	`Const[session_storage]`	`session_storage`	Use this to assert that a key is present in the session storage.### Example`yamldetect: - if: session_storage key: 'my-key' value: 'pattern'`
`key`	StringMatcher	`null`	Key to match
`value`	StringMatcher	`null`	Value to match

SleepAction¶

Property	Type	Default	Description
`action`*	`Const[sleep]`	`sleep`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`seconds`*	`number`		The time to sleep in seconds, between 0 and 10 seconds

SolveCaptchaAction¶

Property	Type	Default	Description
`action`*	`Const[solve_captcha]`	`solve_captcha`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`auto_submit`	`boolean`	`false`	Whether the form should be automatically submitted after the captcha is filled
`locator`*	`string`		The Playwright Locator to select the captcha field to fill

StringMatcher¶

Property	Type	Default	Description
`contains`	`string`	`null`	Contains this string
`in`	`List[string]`	`null`	Condition is in this list (exact match)
`is`	`string`	`null`	Condition is this exact string
`is_not`	`string`	`null`	Condition is not this exact string
`regex`	`string`	`null`	Condition is matched on this regex with fullmatch

WaitElementAction¶

Property	Type	Default	Description
`action`*	`Const[wait_element]`	`wait_element`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`locator`*	`string`		The selector to wait for
`timeout`	`number`	`10`	The timeout (seconds) to wait for the element to be visible

WaitTextAction¶

Property	Type	Default	Description
`action`*	`Const[wait_text]`	`wait_text`
`allow_failure`	`boolean`	`false`	Allow this action to fail without breaking authentication, defaults to False.
`timeout`	`number`	`10`	The timeout (seconds) to wait for the text to be visible
`value`*	`string`		The text to wait for until visible, case-insensitive

Enums¶

CustomRuleCategory¶

Value
`ACCESS_CONTROL`
`CONFIGURATION`
`INFORMATION_DISCLOSURE`
`INJECTION`
`PROTOCOL`
`REQUEST_FORGERY`
`RESOURCE_LIMITATION`
`SENSITIVE_DATA`
`SCHEMA`
`CUSTOM`

CustomRuleSeverity¶

Value
`HIGH`
`MEDIUM`
`LOW`
`INFO`